Language Selection

English French German Italian Portuguese Spanish

Microsoft, Linux vendors slow to fix flaw

Filed under
Security

Colin Percival detailed the vulnerability -- which affects versions of Intel's CPU that use a technology called hyper-threading -- at a conference on May 13.

The vulnerability could allow hackers to steal sensitive information such as passwords on servers configured to allow multiple users to login simultaneously.

The FreeBSD security team member has received formal responses to the issue from the makers of the BSD family of open-source operating systems, as well as SCO and Ubuntu Linux. However, Linux vendors Red Hat, Novell and Mandriva as well as Microsoft have been slow to act.

"Given that I reported this problem in early March, I really think that they [Microsoft and Linux vendors] should have had a patch over a month ago -- in time to test it extensively before releasing it on May 13th," Percival told ZDNet Australia .

"I made it quite clear to everyone that I would be releasing my paper on that date and that they should make sure they were ready by then," he added.

Although the problem only affects multi-user servers, these machines are widely used. "The most obvious example is shared Web servers, which constitutes the vast majority of small e-commerce sites," he said. "On these systems the flaw is very serious."

Full Story.

More in Tux Machines

GNOME Builder 3.22 Enters Beta with Many Vim Improvements, New Search & Replace

The GNOME Builder open-source IDE (Integrated Development Environment) designed for the GNOME desktop environment will soon get a major update as part of the upcoming GNOME 3.22 release. Read more

Geary 0.11.2 Email Client Improves Showing of Right-To-Left (RTL) Messages

A new version of the popular Geary open-source email client for GNU/Linux distributions has been made available for download earlier today, August 28, 2016. Read more

How To Turn On Num Lock Automatically On Startup In Linux

One of the frustrating thing in most Linux distros is that the Num Lock is not enabled on startup. Whenever I start typing my password at system login screen, the focus goes out of the password field. It happens very often with people and this little problem is very irritating. But don't worry. You can set your Linux to enable Num Lock automatically on startup. Read
more

Windows 10 vs. Linux Radeon Software Performance, Including AMDGPU-PRO & RadeonSI

As alluded to earlier and on Twitter, the past few days I have been working on a fresh Windows 10 vs. Ubuntu Linux graphics/gaming performance comparison. This time it's looking at the latest Radeon performance using an R9 Fury and RX 480. Tests on Windows were obviously done with Radeon Software Crimson Edition while under Linux were the two latest AMD/RTG Linux driver options: the hybrid AMDGPU-PRO driver and the fully open-source driver via Linux 4.8 and Mesa 12.1-dev. Read more